Oracle Security Vulnerabilities (CVEs)
Track 682 security vulnerabilities affecting Oracle products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This vulnerability in Oracle Solaris 11 allows a low-privileged local attacker to potentially compromise the entire system, leading to complete takeov...
Apr 16, 2024This critical vulnerability in Oracle Hospitality Simphony Enterprise Server allows authenticated attackers with low privileges to remotely compromise...
Apr 16, 2024This critical vulnerability in Oracle Hospitality Simphony allows unauthenticated attackers with network access via HTTP to completely compromise the ...
Apr 16, 2024This vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via T3 or IIOP protocols to access sensitive data. I...
Apr 16, 2024This vulnerability in Oracle Solaris Zones allows a high-privileged attacker with local access to compromise the entire Solaris system, potentially le...
Apr 16, 2024This critical vulnerability in Oracle Hospitality Simphony Enterprise Server allows authenticated attackers with low privileges to completely compromi...
Apr 16, 2024This vulnerability in Oracle Hospitality Simphony allows unauthenticated attackers with network access via HTTP to potentially access, modify, or dele...
Apr 16, 2024This vulnerability in Oracle Agile PLM allows authenticated attackers with network access to execute arbitrary code through deserialization of untrust...
Feb 17, 2024This vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via HTTP to compromise the server. It enables unauth...
Feb 17, 2024This vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via T3 or IIOP protocols to access sensitive data. I...
Feb 17, 2024This vulnerability in Oracle Enterprise Manager Base Platform's Log Management component allows an unauthenticated attacker with network access via HT...
Feb 17, 2024This vulnerability in Oracle Audit Vault and Database Firewall allows unauthenticated attackers with network access via Oracle Net to modify or delete...
Feb 17, 2024This Java security vulnerability allows attackers to bypass sandbox protections in client-side Java deployments. It affects Java SE, GraalVM for JDK, ...
Jan 16, 2024This vulnerability in Oracle Audit Vault and Database Firewall allows a high-privileged attacker with network access via Oracle Net to potentially tak...
Jan 16, 2024This vulnerability in Oracle Java SE and GraalVM allows unauthenticated attackers with network access to modify critical data in Java deployments that...
Jan 16, 2024This vulnerability in Oracle Enterprise Manager Base Platform allows high-privileged attackers with physical network access to compromise the system, ...
Jan 16, 2024This vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows authenticated attackers with low privileges to perform u...
Jan 16, 2024This vulnerability in Oracle MySQL Connector/J allows an unauthenticated attacker with network access to potentially compromise the connector through ...
Oct 17, 2023This vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via T3 or IIOP protocols to access sensitive data. I...
Oct 17, 2023This vulnerability in Oracle Hospitality OPERA 5 Property Services allows authenticated attackers with low privileges to completely compromise the sys...
Oct 17, 2023This critical vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via T3 or IIOP protocols to completely comp...
Oct 17, 2023This vulnerability in MySQL Installer allows low-privileged local attackers to compromise the installer through social engineering. When exploited, it...
Oct 17, 2023This vulnerability in Oracle VM VirtualBox allows a high-privileged attacker with local access to the host system to compromise VirtualBox, potentiall...
Oct 17, 2023This vulnerability in Oracle VM VirtualBox allows a high-privileged attacker with local access to compromise the virtualization software, potentially ...
Oct 17, 2023This vulnerability in Oracle Hospitality OPERA 5 Property Services allows a low-privileged attacker with network access via HTTP to fully compromise t...
Oct 17, 2023This critical vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via T3 or IIOP protocols to completely comp...
Oct 17, 2023This critical vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via T3 or IIOP protocols to completely comp...
Oct 17, 2023This vulnerability in Oracle HTTP Server allows unauthenticated attackers with network access via HTTP to access sensitive data. It affects Oracle Fus...
Oct 17, 2023This vulnerability in Oracle Hyperion Workspace allows authenticated attackers with low privileges to manipulate critical data, access sensitive infor...
Jul 18, 2023This vulnerability in Oracle Hyperion Financial Reporting allows authenticated attackers with low privileges to access sensitive data and cause partia...
Jul 18, 2023This vulnerability in Oracle WebLogic Server allows unauthenticated attackers to cause a denial of service (DoS) by crashing or hanging the server via...
Apr 18, 2023This vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via the T3 protocol to gain unauthorized access to s...
Apr 18, 2023This vulnerability in Oracle Solaris allows a high-privileged attacker with local access to compromise the system through a utility component. It requ...
Apr 18, 2023This vulnerability in Oracle VM VirtualBox allows a low-privileged attacker with local access to the host system to potentially compromise the Virtual...
Apr 18, 2023This vulnerability in Oracle VM VirtualBox allows a high-privileged attacker with local access to the host system to compromise VirtualBox and potenti...
Apr 18, 2023This vulnerability in Oracle WebLogic Server allows unauthenticated attackers with network access via the T3 protocol to cause a denial of service by ...
Apr 18, 2023This vulnerability in Oracle Solaris 10 allows a low-privileged local attacker to gain complete control over the system. It affects users running Orac...
Apr 18, 2023This vulnerability in Oracle Hospitality OPERA 5 Property Services allows high-privileged attackers with network access via HTTP to potentially access...
Apr 18, 2023This vulnerability in Oracle Health Sciences InForm allows authenticated attackers with low privileges to perform unauthorized data manipulation, acce...
Apr 18, 2023This vulnerability in Oracle Java SE and GraalVM Enterprise Edition's JSSE component allows attackers to compromise confidentiality and integrity of d...
Apr 18, 2023This vulnerability in MySQL Server allows unauthenticated attackers with network access to cause a denial of service (DoS) by crashing or hanging the ...
Apr 18, 2023This vulnerability in Oracle Solaris's NSSwitch component allows a low-privileged attacker with local access to potentially gain full control of the s...
Apr 18, 2023CVE-2022-21566 is an unauthenticated vulnerability in Oracle Applications Framework's Diagnostics component that allows attackers to access sensitive ...
Jul 19, 2022This vulnerability in Oracle Coherence allows unauthenticated attackers with network access via T3 or IIOP protocols to cause denial of service by cra...
Jul 19, 2022This vulnerability in Oracle WebCenter Content's Search component allows unauthenticated attackers with network access via HTTP to compromise the syst...
Jul 19, 2022This vulnerability in Oracle Crystal Ball allows a low-privileged attacker with local access to the system where the software runs to potentially comp...
Jul 19, 2022This vulnerability in Oracle SOA Suite allows unauthenticated attackers with network access via HTTP to compromise the system. It affects Oracle Fusio...
Jul 19, 2022This vulnerability in Oracle Enterprise Manager's Policy Framework allows unauthenticated attackers with network access via HTTP to potentially compro...
Jul 19, 2022This vulnerability in Oracle JD Edwards EnterpriseOne Tools allows authenticated attackers with network access to perform unauthorized data manipulati...
Jul 19, 2022CVE-2022-21543 is a critical vulnerability in Oracle PeopleSoft Enterprise PeopleTools that allows unauthenticated attackers to remotely execute arbit...
Jul 19, 2022Why Monitor Oracle Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 682+ known vulnerabilities affecting Oracle products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Oracle packages in under 60 seconds. No agents required - completely agentless scanning that works across Oracle deployments.
Free vulnerability database: Access detailed information about every Oracle CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Oracle CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
